Hello,

I was just out on the SANS ISC (http://isc.sans.org/) and was reading an interesting post in the diary. (There are links on the site which help clarify the story. Browse to it for more.) This is it:

Our handler Lorna Hutcheson, in her diary from December 7th, noted the dangers of posting URLs, in particular clickable URLs, on our site. To drive the point home, he added a "suspect" URL, and we tracked how many people clicked on it.We had about 1,000 users click on the link. 80% used the same browser they used to read the diary, so I consider them "production browsers". 10% used "safe browsers" like wget. The remainders are bots/search engines that followed the link.Most people who responded to the diary noted that they do need access to malicious code (and malicious URLs) in order to be able to block them at their web proxies, or that they use safe browsers to access suspicious links. We will continue to post links in our diaries. It is up to the particular handler to decide if it is appropriate to obfuscate the URL, post a partial URL, or not post it at all if it is deemed not appropriate or too risky.

About 20-40,000 users typically read a diary, so 1,000 is not all that large of a number, but still considerable.
This reminds me of a post someone put here on AO a few weeks back about when the ISC was recording how many people were using IE and were vulnerable to an attack. The point in that post was that people that read the ISC diaries are mostly security minded... at least that is what you would think.

I found the diary today very amusing and thought I should share.

-Deeboe